ruby-on-rails - 配置 Capybara + Selenium 以通过 SSL 进行测试

Question

我的应用程序的核心部分调用 Etsy API。我正在尝试使用 Rspec、Capybara 和 Selenium 编写测试来测试该 API。在我成功调用一个电话后，我想将它们 stub 。

我的问题是 Etsy 身份验证过程仅适用于 SSL。因此，当我尝试使用 http 进行测试时，出现错误 400。

我用了这个tutorial设置 SSL 但我不断收到此错误:

  1) New connection authenticates with Etsy
     Failure/Error: res = http.get('/__identify__')

     OpenSSL::SSL::SSLError:
       SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol
     # ./spec/spec_helper.rb:68:in `responsive?'

这是我的 spec_helper.rb:

require 'webmock/rspec'
require 'capybara/rspec'
include WebMock::API
require 'etsy'
WebMock.disable_net_connect!(allow_localhost: true)
#Capybara.current_driver = :selenium
Capybara.default_max_wait_time = 20

require 'webrick/https'
require 'rack/handler/webrick'

def run_ssl_server(app, port)

  opts = {
    :Port => port,
    :SSLEnable => true,
    :SSLVerifyClient => OpenSSL::SSL::VERIFY_NONE,
    :SSLPrivateKey => OpenSSL::PKey::RSA.new("./spec/support/server.key"),
    :SSLCertificate => OpenSSL::X509::Certificate.new(File.read "./spec/support/server.crt"),
    :SSLCertName => [["US", 'localhost.key']],
    :AccessLog => [],
    :Logger => WEBrick::Log::new(Rails.root.join("./log/capybara_test.log").to_s)
  }
  profile = Selenium::WebDriver::Firefox::Profile.new
  profile.assume_untrusted_certificate_issuer = false

   Capybara::Driver::Selenium.new(app, :browser=> :firefox, :profile => profile)
  Rack::Handler::WEBrick.run(app, opts)
end

Capybara.server do |app, port|
  run_ssl_server(app, port)
end

Capybara.server_port = 3001
Capybara.app_host = "https://localhost:%d" % Capybara.server_port

  Capybara.register_driver :selenium do |app|
    profile = Selenium::WebDriver::Firefox::Profile.new
    profile.assume_untrusted_certificate_issuer = false
    Capybara::Selenium::Driver.new(app, :profile => profile)
  end

module Capybara
  class Server
    def responsive?
      return false if @server_thread && @server_thread.join(0)

      http = Net::HTTP.new(host, @port)
      http.use_ssl = true
      http.verify_mode = OpenSSL::SSL::VERIFY_NONE
      res = http.get('/__identify__')

      if res.is_a?(Net::HTTPSuccess) or res.is_a?(Net::HTTPRedirection)
        return res.body == @app.object_id.to_s
      end
    rescue SystemCallError
      return false
    end
  end
end

提前致谢!

Answer 1

您的 run_ssl_server 中似乎有多余的东西，这没有任何意义

profile = Selenium::WebDriver::Firefox::Profile.new
profile.assume_untrusted_certificate_issuer = false

Capybara::Driver::Selenium.new(app, :browser=> :firefox, :profile => profile)

所以我认为这只是一个复制/粘贴错误？

继续您遇到的错误似乎是在告诉您连接未知/不支持 SSLv2/SSLv3 协议(protocol)。您可以通过指定 SSLOptions、SSLCiphers 和 SSLVersion 选项在您的 WEBRick 选项中禁用它们，如 How to harden rails+webrick+https with insecure ciphers removed on Ruby 2.2 中所示。

一个更简单的选择可能是不注册你自己的服务器，修补 Capybara，修复服务器端口或设置 app_host，而是切换到使用 Capybara >= 3.1.0 并且只配置 Puma运行 SSL

Capybara.server = :puma, { Host: "ssl://#{Capybara.server_host}?key=#{key_file_path}&cert=#{cert_file_path}" }

然后您可以注册您使用的任何浏览器与 Selenium 以允许自签名证书(如果需要)

Capybara.register_driver :insecure_selenium do |app|
  Capybara::Selenium::Driver.new(
    app,
    browser: :firefox,
    desired_capabilities: { accept_insecure_certs: true }
  )
end

Capybara.javascript_driver = :insecure_selenium # https://github.com/teamcapybara/capybara#drivers